×
Latest update: Apply for your .africa domain name during General Availability with these Domain Registrars (Open to anyone)

What is DNSSEC?

Recently discovered vulnerabilities in the Domain Name System (DNS) suggest that an attacker may be able to hijack the process of looking up a website using a domain name (the “directory lookup”). The purpose of this type of attack is to take control of the session with an aim of sending the user to the hijacker's own deceptive website for purposes of collecting account and password information (phishing).

The Domain Name Security (DNSSEC) extension is a technology based on an open standard specification that provides both the end user and the provider of Internet domain name related services with the assurance that a domain name address is indeed correct and can be trusted.

How does it work?

DNSSEC uses a “chain of trust” initiated from the top of the Internet domain name system (the “ROOT”) down to the actual domain name being used. This mechanism is used to verify that the requested domain name records are indeed correct and can be trusted.

DNSSEC extends the existing domain records to include a Digital Signature (DS). The DS is applied to a domain by its owner, which identifies a domain’s authenticity so that users may trust it. In order to be effective, DNSSEC must be deployed at each step in the domain lookup from root zone to final domain name.

Example: DNSSEC Directory Lookup for example.africa

 

What are the benefits of DNSSEC?

Full deployment of DNSSEC throughout the domain name system will ensure that the end user is connecting to the actual website or other service corresponding to a particular domain name. Although this will not solve all the security problems of the Internet, it does protect a critical piece of it - the directory lookup - complementing other technologies such as SSL (https:) that protects the "conversation".

 

What is ZA’s current position on DNSSEC?

The ZACR – as the designated operator of .ZA SLDs - is currently making a considerable investment in both hardware and software infrastructure to provide DNSSEC for the .ZA Top Level Domain (TLD) and SLDs (.ZA, CO.ZA, ORG.ZA etc.) and the new generic Top Level Domains currently under application with ICANN (.AFRICA, .CAPETOWN , .DURBAN and .JOBURG).

The ZACR’s DNSSEC implementation will make use of Hardware Security Modules (HSMs), which ensure the security of the DS keys, and thus improving the chain of trust in the various name spaces.

The ZADNA and ZACR will adopt a prudent approach of implementing DNSSEC in a coordinated and uniform manner across the .ZA namespace, from the top level to second and third levels. A successful DNSSEC implementation not only requires the implementation of the necessary technical infrastructure, but also requires a suitable policy framework and an extensive awareness campaign directed at users and services providers within .ZA. This process is currently underway and further details will be communicated to the public in due course.

Altech Card Solutions

HSM's provided by Altech

 

Frequently Asked Questions

Ask your Domain Registrar or ISP about dotAfrica domain registrations. You may wish to participate in Sunrise if you have any rights to the name. Find a dotAfrica Domain Registrar here.

For the latest status updates, please visit dotafrica.org.

The .africa TLD will be launched in two phases, namely:

  • Sunrise and Landrush. For the Sunrise phase, trademark & brand names will be the priority. Landrush applications are usually for premium or sought-after domain names.
  • General Availability: This is the general open registration and continuous operations phase.

If you are a trademark holder ICANN prescribes a process, which we as the Registry Operator need to follow to ensure that genuine trademarks are protected and sold to the valid entity. The trademark holder will need to register their trademarks with the ICANN Trademark Clearing House or the Mark Validation System.

This will depend on individual Registrar pricing, in which launch phase you register the domain and if the domain is a premium name or not.

There are various protection mechanisms and policies, which the Registry Operator needs to adhere to and we are also bound by ICANN to make these policies part of our operations.

The various policies include:

  • Rights Protection Policies
  • Dispute Resolutions
  • Sunrise Policy
  • Landrush Policies, etc

See the Policy menu item above for more information.

Pre-registration .africa domain names will not be possible. Any application submitted during the dotAfrica Sunrise phase must have a corresponding validation token (SMD) in order to obtain the highest possible priority allocation.

If an applicant wants to secure the best possible claim to a domain name application during the launch, it must be associated with a pre-validated trade mark in either the TMCH or MVS. Without this a claim to the corresponding domain name is relegated to lesser priority status. The official way in which you can best secure your rights to a name in the new .africa namespace would be through the pre-validation of a registered mark.

See the MVS at www.markvalidation.com for more information.

For more detailed information on the launch program with the anticipated timelines, click here. If you have any rights to the .africa domain/s name you want, you should apply during Sunrise.

dotAfrica is the new Top Level Domain (TLD) for the African continent: It is an African initiative created by Africans for Africans and the worldwide audience of companies, organisations and individuals interested in, associated with and connected with the African community and markets.

The dotAfrica initiative is fully endorsed by the African Union (AU) and has widespread support across the continent - from African governments, the business sector, civil society and the technical community. dotAfrica is led by a multi-stakeholder Steering Committee from across the continent.

Benefits of a dotAfrica TLD

  • Identify with the continent.
  • Showcase your brand and commitment to Africa's growth and development.
  • Expand your footprint and influence in the region.
  • Establish a home for Africa-specific services, products and information.
  • Acquire valuable online reale-state in a fast-growing high potential market.
  • Secure and protect your Intellectual Proerty Rights (IP).
  • Participate in Africa's online renaissance.